"Spy scandal" - EPO hits the news in Germany

Merpel loves dreaming up eyecatching headlines, but
for once the work has been done for her by the experts at the Süddeutsche
Zeitung. (For those not familar with the title, the Süddeutsche Zeitung is
the largest German daily newspaper, so Merpel is treating this story on a par
with something published in the Telegraph, or the New York Times.)

Merpel suspects that this rather jovial photo, accompanying the online article, was nottaken after Mr Battistelli read this morning's
newspaper. Photo: Alessandra Schellnegger

In brief,
the SZ reports in the article translated below (original here) that
computers on the EPO premises which were available for use by the public, by
attorneys visiting the office, and by members of the Administrative Council,
had keylogger software installed. Keylogger programs surreptitiously record all
user inputs and may also take snapshots of your screen and photos of the user
operating the computer.

This
flagrant invasion of privacy comes in the wake of evidence that Mr. Battistelli
has engaged a firm specialising
in counter-surveillance and threat monitoring. Not because of any imminent
terror threat, mind you: all this came about originally because it was
suspected that an employee was circulating material alleged to be defamatory.
One cannot help thinking in terms of the old cliche about using a sledgehammer
to crack a mouse.

Merpel,
who has grown rather tired of appealing to the Administrative Council members
to hold the EPO management to the same governance standards as would be
required in their own national Patent Offices and civil services, wonders if
this latest news will convince some of those on the fence that a more robust
approach is required when they next attend an AC meeting at the EPO.

Merpel
extends heartfelt thanks to a couple of anonymous eagle-eyed readers who not
only sent her copies of the article, but who also supplied their own
translations, one of which is set out below.

Spy
scandal

The
European Patent Office carried out secret surveillance on employees using
keyloggers

·At the
headquarters of the European Patent Office (EPO) two publicly accessible
computers were fitted with cameras and surveillance technology during a period
of several weeks.

·They were
used in an internal procedure which involves a patent judge who is accused of
having disseminated defamatory communications about the President of the EPO
and other managers over a period of months.

·However,
the action also affected many employees of the EPO, perhaps even members of the
Administrative Council.

by Katja
Riedel

The
President of the European Patent Office (EPO) is set to travel to Brussels next
week. There he will be received by the Legal Affairs Committee for "an
exchange of views" according to the agenda. Benoît Battistelli is supposed
to speak about the latest developments in patent law, the new patent courts and
various other reforms.

There
should be no lack of subjects for discussion in view of the ongoing state of
crisis between Battistelli and many of the approximately 7,000 employees in
Munich, Berlin, Vienna and The Hague. Since Battistelli initiated an extensive
reform programme, which amongst other things has completely restructured the
EPO’s career system, there have been vehement confrontations. Now a new and
awkward subject has been added to the list: allegations of covert surveillance.

According
to an internal document which the SZ has seen publicly accessible
computers were placed under surveillance at the EPO towards the end of last
year: by means of cameras and so-called keyloggers. This allows the recording
of what the user types, which pages he accesses and how he communicates.

None of
the users were aware that the devices had been installed

Some
keyloggers are capable of taking snapshots of the screen. The camera records
contemporaneously which person was operating the computer at the time in
question. A particularly juicy detail here is that none of the users were aware
that the devices had been installed - and the two computers which were equipped
with these monitoring devices according to the confidential document of the
internal investigation unit, were probably located on the first floor of the
EPO headquarters at Erhardtstraße in Munich.

Namely, in a publicly accessible area, which was provided especially for the
members of the
Administrative Council - the highest authority in the European patent world -
on which the representatives of the 38 member states sit. The visitors to the
Patent Office who typically sojourn on the first floor also include patent
attorneys. On Monday [8 June 2015] the EPO declined to comment on the
internal document but did not contest its authenticity.

In the document drawn up by the Head of the EPO’s investigative unit and sent
to the Data Protection Officer, the reason given for the surveillance measures
was a defamation campaign against the President and other managers of the
Office.

In fact,
since the beginning of 2013, letters accusing Benoît Battistelli, and also his
Croatian Vice President Zeljko Topic, of numerous misdeeds have been circulating.
There were strong indications that these letters had been sent from the two
computers in question to which not only every registered visitor but also every
employee of the EPO could log in via a common password. Therefore, according to
the internal communication, it was not possible to identify and monitor an
individual user.

Covert
surveillance of the terminals in question

Apparently
the internal investigators had come across IP addresses that they could assign
to both of the public computers. For this reason, according to their
conclusion, there was no other option but to place the two machines in question
under covert surveillance. If during the agreed six-week time window between
7th November and 18th December no further defamatory material was sent, neither
the pictures nor the data would be analysed, it was stated. Until then, the
information that was monitored would only be available to the members of the
internal investigation unit and the IT technicians.

The
matter is also particularly sensitive because during the period in which the
surveillance was being carried out the 142th Meeting of the Administrative
Council also took place in the building, namely on 10. and 11. December
2014. In addition, the Budget and Finance Committee also met during the
period in question.

The
computers are apparently located near the room where the Council meets. Whether
this body and the Office Administration, i.e. Battistelli, was involved in the
procedure is unclear. This is not apparent from the document. This only
includes handwritten notes of two of the signatories but the signatures are
missing.

Even
insiders expressed reservations

In fact
not only was material sent, but also a suspected letter-writer was caught - hence
the data were also analysed. A member of the Boards of Appeal of the Office, a
patent judge, was apparently caught in the act and Battistelli immediately
subjected him to a “house ban”. This was equal to a suspension and consequently
a legally impermissible interference with the independence of that department [i.e.
the Boards of Appeal], which was retroactively rubber-stamped by the
Administrative Council.

However,
the tide of indignation ran high. Off the record even insiders expressed their
reservations about Battistelli’s actions. Politicians from individual member
states and patent attorneys expressed their outrage in public and even spoke of
violations of fundamental rights.

The EPO
declined to comment on the sensitive document citing a pending procedure as its
reason. The Administrative Council is due to decide on possible disciplinary
action at one of its forthcoming meetings.

As
ever, Merpel welcomes comments, but begs to remind readers of the following:

Henceforth,
in respect of all EPO-related blogposts, no
comment will be posted if it is merely ascribed to "Anonymous".
Any reader wishing to conceal his or her identity must adopt a pseudonym (which should not be
obscene and should not be the name, or the mis-spelling of the name, of a real
person). The pseudonym need not be an actual login name, as long as it is
stated clearly at the beginning and/or end of the comment itself. This way, it
will be easier for people who post later comments to identify and remember the
earlier comment-poster and to recall the discussion string. Where, as has
already happened on occasion, a string carries over from one blogpost to a
later one on the same or a related subject, readers will be encouraged to use
the same pseudonym for the sake of continuity.

90 comments:

Glad to be out of the madhouse
said...

Not only is the confidentality of the communications of attorneys and members of the Administrative Council being violated, but also, this information is possibly being made available to third parties external to the Office through the external "consultants" of Control Risks...

GeorgeSmiley says:These were public computers potentially used by attorneys to communicate with other lawyers/clients or to prepare legal documents for submission during oral proceedings or to ein internet access to report afterwards. I guess that there therefore is an issue with legal privilege and client and commercial confidentiality which was overlooked when the surveillance instructions were issued. I guess that we now have to treat visiting the EPO like visiting China on business - trust no public IT or communications network, and wipe/discard laptops and memory sticks after use in case keyloggers/viruses/trojans/snooping software has been installed or transferred from EPO systems. Ouch. Just made our IT department's job harder.

I fervently urge, no, beseech, all Kats to refrain from using any EPO-provided communications facility, in particular WI-FI access points, public computers, and even internal phones when visiting EPO premises, for example next month's UPC conference which I understand Jeremy will attend -- cf. href="http://ipkitten.blogspot.de/2015/06/the-last-mile-or-still-edging-along.html.

Keep all your electronic devices close to your chest, and mistrust even public cellular facilities in the neighbourhood.

With this abundantly clear background given in the present blogpost, it isn't necessary to elaborate any further.

GSM_Gary says:Cellular interceptors are invisible to users and commercially available. Is the EPO even safe for making cellular calls nearby? http://www.computerworld.com/article/2600348/mobile-security/are-your-calls-being-intercepted-17-fake-cell-towers-discovered-in-one-month.html

Section 2 Public and private bodies...(4) "Private bodies" means natural or legal persons, companies and other private-law associations in so far as they are not covered by paragraphs 1 to 3 above. To the extent that a private body performs sovereign public administration duties, it shall be treated as a public body for the purposes of this Act.

Section 3 Further definitions

(1) "Personal data" means any information concerning the personal or material circumstances of an identified or identifiable individual (the data subject).

Section 6 Inalienable rights of the data subject

(1) The data subject's right to information (sections 19, 34) and to correction, erasure or blocking (sections 20, 35) may not be excluded or restricted by a legal transaction.

Section 43 Criminal offences

(1) Anyone who, without authorization,

1. stores, modifies or communicates,

2. makes available for automatic retrieval or

3. retrieves or obtains for himself or for others from data files

any personal data protected by this Act which are not common knowledge shall be punished by imprisonment for up to one year or by a fine.

"At the time they were so happy with the news that the Office covered their dental expenses that they did not go into details ..."

Or maybe the news that the Investigation Unit had access to correspondence they thought private is enough to keep their interest limited...how many of them may have accessed their own private email accounts from those computers?

Control Risks achieves first tangible results, discovering that the staff union SUEPO actually was behind this incredible spying action, which aimed at bringing the EPO management in serious disrepute. The manager who organised the action was found to be a former chairman of SUEPO. He is told to have now left the office "upon mutual agreement". Exstasi

Don't forget that, according to the protocol on privileges and immunities, the EPO only has judicial immunity within the scope of its official activities (Prot. Priv and Immunity).

I do not think that the Polizei would be convinced that bugging of members of the public and legal profession at Erhardtsrasse was within the scope of the official activities "strictly necessary for its administrative and technical operation" as defined by the EPC.

People who visited the EPO recently, and used the public computers, should file a complaint with the Polizei in Munich.

Article 3

(1)

Within the scope of its official activities the Organisation shall have immunity from jurisdiction and execution, except

(a)

to the extent that the Organisation shall have expressly waived such immunity in a particular case;

(4)

The official activities of the Organisation shall, for the purposes of this Protocol, be such as are strictly necessary for its administrative and technical operation, as set out in the Convention.

Snoopy lives in a very plush part of town And everybody, yeah, tries to put poor Snoopy down Snoopy, I don't care what your snoopers do'Cause you know, Snoopy Ben, they’re out to get youAnd so I sing out

Bang on, SnoopySnoopy, bang on!Bang on, SnoopySnoopy, bang on!

Snoopy’s hired an outside firm, to act as his shills So Snoopy can detect his foes, and give them the chillsSnoopy, they won’t see you coming, them to defeatAnd before theY know it, Snoopy, they’re out on the street!And so I sing out

B enny re-signed a contract just last yearE mbattled staff wished the hyphen would disappearS o over to you AC,the wrong man backedI t is high time, he should be sackedE legant solutions are for the binG olden handshake,we'll all chip inE scape,Vietnam style,from the roof,us looking onD rone or helicopter and with a sigh gone

As far as I can discern, Ex Stasi at 16:03 reports that the Keylogger was installed on the PC on behalf of SUEPO (the EPO Staff Union) and that, by mutual Agreement, the SUEPO person responsible has now left the EPO's employment.

There is also the Pinkerton goon squad a.k.a. Control Risks cast into the role of the WH's cuban plumbers.

And of course, Benoît le Magnifique as Tricky Dick.

The parallels run as far as the President attempting to deflect his responsibility unto underlings. ("The buck stops anywhere but here"???)

Case in point: the recent article FAZ, available in translation at Techrights:

“The selection of CRG by the competent department was made in the course of a procurement procedure,” said a spokesman for the EPO. The competent department was the Internal Audit and Oversight department of the EPO whose Director is Mr. John Martin.

It was confirmed that only this department and not the President was involved in the decision.

(Emphasis by RTF)

Someone apparently read that goof RTF, or the questions are just too obvious to be left unasked.

I have a couple more:

- "Confirmed" by whom? That's pretty vague. Is this really all the damage control that the costly EPO PR flak is capable of?

- If the President doesn't condone the use of CRG, why hasn't he publicly kicked them out? What happened to the people who allegedly hired them?

- To the risk of overemphasis: How, where, and when did this procurement procedure took place? If hiring a few poorly paid people to operate a crèche, or hiring students for summer jobs are items to be tendered out in the EU OJ, then surely a high value contract deserves the same treatment? If a tender really took place, why should it have been confidential if it was legitimate?

- How did the department appropriate funds to hire a contractor without these being foreseen in the budget, or approved by the President?

Max3,I suspect a slight confusion. The former head of the investigation unit (til end 2014, when he retired) was formerly a union committee member. Not sure he was ever president of suepo. He would have been in charge when the tracking was allegedly performed but that is many years after he was active in the union.

Dear MaxDrei,That the manager responsible for the Investigation Unit when the action occured was a former chairman of SUEPO and that he retired a few weeks after, are publicly known facts as just confirmed by Cynic. That Control Risks now discovered that SUEPO itself was behind the whole action was a joke.Whether it was a poor joke depends on individual sense for humour, I'm afraid.Exstasi

Model public service organisation which spies on the members of the public and on its employees??? And all that under the supervision of the AC?I feel sorry for those who were spied on by the EPO, but I am afraid that nothing can be done about this. The EPO enjoys immunity. The AC did not lift the immunity when (another) president physically attacked an employee and they did not lift the immunity when faced with the Dutch Court order. So nothing indicates that the AC would do anything now. The AC got rid of any supervision. They abolished independent audit. They limited the staff representation influence. They were silent when the requests of the staff representation to address the AC were denied by the president and when any opinions of the staff reps were completely ignored by the president. They happily watched as the union was banned by the president. The only thing that the AC is supervising is the profit and they do not want to know anything about how the profit comes about. The AC zealously supported all the highly controversial wishes of the president, such as putting ill people under house-arrest for at least 10 years or the wish of the president to refuse to follow the Dutch court order.The question is why? That the answer should be the issue of the cooperation budgets appears not quite convincing. So, I wander, if the president happened to come across some privileged information about the AC members, maybe it would help to persuade them that he disserved their full support. But they should not complain. Finally, they approved the investigation guidelines unanimously.

The President has no inkling how or why the company "Contact Risk" was given a contract to deal with the overflow of work in the EPO's investigative unit, but the same investigative unit is directly under the authority of the President in the EPO's organigram.

Is it a case of sheer incompetence or just another instance of Sepp-Blatterism?

T'ere was chest on chest of EPO goldWith a ton of plate in the middle holdAnd the cabins riot of stuff untold,And they all lay there that took the plumWith sightless glare and their lips struck dumbWhile we shared all by the rule of thumb - Yo ho ho and a bottle of rum! [...]

We wrapped 'em all in a mains'l tightWith twice ten turns of a hawser's bightAnd we heaved 'em over and out of sight,With a Yo-Heave-Ho! and a fare-you-wellAnd a sudden plunge in the sullen swellTen fathoms deep on the road to hell - Yo ho ho and a bottle of rum!

If the advice is to purge my laptop after I have visited the EPO, how safe is electronic filing, receiving office actions from the EPO, and running the "Case Management System"? Could they not be employed to insert spyware on my computer?

The Data Protection Guidelines at the EPO were amended in February 2014 in order to give full power to the Investigation Unit. At that time, the staff representatives in the General Advisory Committee gave a negative opinion and pointed that these guidelines did not comply with EU standards. As usual, Battistelli ignored these arguments and even disbanded the General Advisory Committee with the "social democracy" reform.

The 38 "democratic" member states must now react and the EU must think twice before letting the EPO deal with the Unitary Patent. But the Administrative Council so far has failed to react and even supported Battistelli in his refusal to execute the judgment of the Dutch Court of Appeal which considered that the EPO breached human rights.

EU Standards, Indeed. And one point of contention was that the EPO Data Protection Officer was being changed to a director in HR (reporting to Ms Bergot, principal director of HR who designed the system)so that the departments which had access to personal data were controlled by the person who determined whether their use of the data met data protection guidelines! All external advice was that the DPO must be independent of data use but that was definitely not the case here.

I am a little confused. Article 1(2) of the Circular setting out the Guidelines for Investigation at the EPO mentions that the Guidelines apply to people who are not employees (or former employees) of the EPO but undertake work "in" OR "on behalf of" the Office. Given that the two alternatives here are clearly intended to cover different people, it would seem that the Circular attempts to apply the Guidelines for Investigation to anyone "working" in the premises of the EPO.

Does this mean that anyone visiting the EPO for "work" purposes (e.g. attorneys, the AC or conference attendees) should be concerned about being investigated by the EPO? And are they obliged by Article 5 of the Circular to report possible misconduct and by Article 8 to fully cooperate with any investigations?

Confused, Presumably yes since there would be a legitimate need to apply the guidelines to external people who, for example, attacked a member of staff or attempted to download dubious material on computers. But the terms of the circular do appear to be creating the state within a state which has been mentioned before. Note that the guidelines do allow for investigations to sell civil authorities assistance when the investigation unit runs out of its own powers. Look out for Merpel being cat-napped and rendered to a secret epo location??

every doubt you may have about the meaning and scope of these Guidelines for Investigation will be immediately dispelled when you know that they have been certainly approved by the Legal Department of the EPO, under the watchful eye of VP5 Raimond Lutz, a former President of the German Federal Patent Court and a lawyer himself!

Could the members of the boards of appeal perhaps explain how in the present circumstances they can still use the computer and electronic communication systems of the EPO for their daily work and guarantee the secrecy of the deliberations?Myquestion

Many thanks to Cynic and Rule of Law for the "clarifying" comments. However, I remain confused. The Guidelines for Investigation are exactly that - i.e. Guidelines. They do not have the force of law. However, I presume that the EPO can rely upon its "immunity" if, in applying those Guidelines (to employees or visitors), it breaches local or EU laws. My confusion relates to how concerned I should really be about all of this.

The mere possibility for the EPO's Guidelines to be applied to visitors to the EPO does not, on its own, make it likely that such an event will ever occur. However, the rather careless, "catch-all" drafting of the Guidelines, together with the potential absence of any legal remedy against their inappropriate application leaves me with a distinct feeling of unease.

Applying the Guidelines to individuals who are not employees of the EPO and who have not given their explicit consent to be bound by those Guidelines is at the very least bad form. Should not the EPO therefore provide explicit notice to all visitors of the rules and regulations that will apply to them, as well as the obligations that will be placed upon them?

If the intention is for the Guidelines to apply to everyone "working" on the EPO's premises, then why not be up-front about this?

The boards have no idea whether they are under investigation. The investigated one is the last to know about it and he or she is not alowed to talk about ongoing investigation. Thus, even if the boards would know, they would not be able to tell the public.

#epogate !!! I hope Merpel and other journalists follow up with same investigative persistence as Woodward and Bernstein in 1974. Every president can fall and this one certainly warrants a closer look.

Watching the detectives - thanks for your comments. Whilst it is nice to know that there is an Elvis Costello fan on this blog, I think that you have perhaps answered a question that I did not ask. Whilst I understand the reasons why a person being investigated might not be informed of the existence of an active investigation, I really do not understand what would prevent the EPO from being up-front with visitors about:(a) the existence of the Guidelines; and, most importantly(b) the way in which those Guidelines could, in principle, apply to visitors.

What is to stop this? I would have thought that at least professional courtesy would demand it!

"I really do not understand what would prevent the EPO from being up-front with visitors about"

So, you expect the EPO to inform every visitor that as soon as they enter the premises of the Office they loose all their rights: they can be put under investigation without being informed, they cannot remain silent, they cannot ask the help of a lawyer and and cannot talk about it to anybody - btw, this is what is happening to the Staff Representatives put under investigation with the help of Control Risk.

A simple German citizen entering the premises of the Office enjoys no more the rights he has outside as a German and European citizen.

How long you think Benito Battistelli would have remained in charge if this would have been made public before?

Rumor has it that you could also take a dinner cruise in a bateau mouche on the Seine tonight, where BB will mingle with carefully selected inventors and top French politicians. Tomorrow, you may then devoutly listen to his speech at the lavish, multi-million 10th anniversary of the EPO Inventor gala, all paid from the deep pockets of the EPO.

But then again, this event might also turn into an opportunity for BB to network for new job opportunities in his home country. After all, he has already made good progress on shattering morale and wrecking the Patent Office, so why not move on to new fields of "activity"?

Is it realy so hard to understand that when you are entering the EPO, you are entering a banana-republik? And you cannot seriously expect that a banana-republick is going to be "up-front" about all the attractions and entertaiment waiting in store for you there. They will tell you abot some but never abot all of it.

@Confused:I really do not understand what would prevent the EPO from being up-front with visitors about

Spying on whoever is using the facilities in the public area was probably intended to catch the person using those facilities to spread "defamatory materials". Placing a clear warning sign might have, well, served as a warning.

In this case the computer is not "fremd" but owned by the EPO, but I cannot imagine that making a difference if its purpose is to be freely used by members of the public.

§ 202a does not specifically outlaw the use of keyloggers, but more generally forbids the unauthorised access to protected data by circumventing the protection. Up to three year imprisonment.

The camera would seem less of an issue to me if it was just to have a global view of the room and if people had been made aware of it (which probably was not the case). But now I read the article again... apparently the computers were fitted with cameras? Just weird.

The investigation guidelines obviously don't apply to external visitors. But that does not mean they are not being spied on, as this scandal shows. The IU might not keep or use any passwords from attorneys and AC delegates they have logged, but how can one be sure.

Hightlights:- Immunity is part of the international legal order. Immunity from execution means that a judgment cannot be executed without permission from the relevant international organisation. It does not mean that the international organisation is free from obligations under international law or the law of the host state.- The Netherlands will, together with other countries, raise the issue in the Administrative Council. In addition, The Netherlands will, in dialogue with the EPO, insist upon a solution of the conflict between employees and EPO management.- The minister recites Art. 20 PPI, which makes clear that the EPO is to cooperate with the competent authorities of the Contracting States in order to facilitate the proper administration of justice, to ensure the observance of police regulations and regulations concerning public health, labour inspection or other similar national legislation.- In so far as immunities do not stand in the way, the judgment of the Court of Appeal will have to be respected by the parties, unless one of them appeals to the Dutch Supreme Court. Immunities exist to ensure the proper functioning of the international organisation. In the case of almost all international organisation seated in The Netherlands, immunities do not lead to any problems and conflicts are resolved by means of internal complaint procedures or in consultation with the host state. The fact that there are problems at the EPO is exceptional.

With these answers I find it difficult to imagine that the Dutch delegation will support a continuation of BB's presidency...

I think that this little "fireside chat" might be of more interest that the circus on 10 and 11 June.http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fNONSGML%2bCOMPARL%2bJURI-OJ-20150615-1%2b02%2bDOC%2bPDF%2bV0%2f%2fEN

For live video transmission on EPTV:http://www.europarl.europa.eu/ep-live/en/committees/video?event=20150615-1500-COMMITTEE-JURI

Charlie says: Perhaps this is not a problem we can expect the EPO to solve. Perhaps, for the safety of their citizens, the German government should erect walls around all EPO land, so that German citizens do not inadvertently stray off German soil and into the EPO no-man's-land, where the rights and rules change. Supervised passages through the wall could permit entry and exit to EPO soil, to those who know the consequences of stepping over the border. A simple sign could suffice at these "checkpoints" - "You are now leaving the German sector.", comes to mind.

I have to wonder if "watching the detectives" ever watched Hogan's Heros, as his quote has been translated here in the states to the mantra of Sergeant Shultz (that would not be a good thing, by the way).

In this case the computer is not "fremd" but owned by the EPO, but I cannot imagine that making a difference if its purpose is to be freely used by members of the public.”

Indeed the ownership does not seem to make a difference. Just think of a publicly accessible computer in a hotel: the owner of the hotel is not allowed to spy on the guests using the computer just because he owns the computer.

So it seems that a criminal offense has been committed. Considering that spying on attorneys and members of the Administrative Council can hardly be considered as an official activity of the EPO and as such covered by immunity we´ll see if the German justice will do something (I guess not).

What does minister Van der Steur make of RFP 384673-2010 in view of Art. 20 PPI:

3. Description of the contract:

(a) Purpose of the contract:

Inspection of the premises and the working conditions on the EPO premises in The Hague for compliance with the provisions of the Dutch national regulations and norms, within the limits laid down in the Protocol on Privileges and Immunities of the Organisation, and the service regulations and/or other rules applicable to permanent employees and other staff. The inspections will not include the social and medical aspects of the working conditions governed by the provisions of the service regulations and any other provisions relating to the office's social security pension and health insurance schemes, nor to the regulation of working hours governed by the provisions of the service regulations and any other provisions relating to working hours. The inspection shall simulate the inspection exercises performed by the Dutch Inspectorate Authority of the Ministry of Social Affairs and Employment, and the contracting company shall be a certified health and safety external services provider (according to the Stichting Beheer Certificatie Arbodiensten).

[...]

4. Place and period of performance:

(a) Place at which the contract is to be performed:i. The EPO Branch office in Rijswijk (NL).

[...]

5. Variants:

Proposals for variants, the effect of which would be to reduce significantly the rights and safeguards of the EPO, are not allowed.

In other words: the EPO was looking for the mere simulation of a workplace inspection, but only on subjects of its own choosing, and under the absolute condition that the findings would never be binding on it in any possible way.

BB"...And you keep your feet on the ground and your head on those shoulders of yours and go out on stage, and Axelle, you're going out a youngster, but you've got to come back a star!"

AL: "May I obey all your commands with equal pleasure, sire."

AL: “….The French government is aware about the social difficulties that have been expressed within the EPO, the EPO has the exemplary task to exercise an absolute transparency with respect to the rights of staff working there….” (audience clapping…, except BB)

AL: "Well, sir, here we are again."

BB: "I think you have a large order of 'prognosis negative'."

EB: "Good. For a moment there, I thought we were in trouble."

AL: "We'll did you BB and EB not started a reign of terror in the EPO – firing some staff here and there. Firing great men, fire little men. Just to show you make no distinction and are the SR and TU now not only dead, but decomposed "

EB: "The EPO is haunted...Frightful ghosts all wearing stuffed shirts and mink-lined ties."

BB: "Nothing can hurt us now. What we have can't be destroyed. That's our victory... our victory over the dark."

Check Fosspatents for the actual request to the DPO for retrospective 'permission' to install the monitoring in an area where they knew AC meetings were taking place. The request was only to ask whether permission would have been granted and was only agreed about 4 weeks after monitoring began. Not impressive. The DPO has since moved on to a different department.

Cynic, I've noticed a curiosity about times in that doc. The Investigation Unit carried out it's actions from 07.11 to 18.12 and signed a letter on 07.11 to the DPO to ask if the activities 'would have been authorised' in accordance with the articles. A strange tense implying that they had already been started so was after the fact. There is also no sense that a negative answer would have meant stopping the surveillance, since the question seems to be only of interest and not decisive. That may explain why there was no rush to give the answer (although the note doesn't say when the DPO received it). In fact the reply that ' I consider the proposed measures as proportionate ' is also a strange tense since the measures were not planned but were already actuated. Also, the reply does not actually make clear that they would have been authorised. But the reply was signed on 03.12, the same day that the Board member was removed from the EPO (according to Wikipedia).All very coincidental..

7 November 2014: Date of the IU's request for the DPO to authorise the bugging. But it is written in the past conditional tense: "Would you have authorised this if we had asked you?"

3rd December 2014: BoA member is given a house ban and marched off the premises.

3rd December 2014: PDO signed off the request.

I think I can hear the conversation:

BB: Jesper, good news! We've caught the person posting defamatory comments by bugging the public computers on the first floor!

JK: You bugged what?!!. But the BFC and the Administrative Council members use those computers! Hell, even I use those computers. And you've been bugging us? How long has this been going on for?

BB: Er... since 7th November.

JK: And the DPO authorised this?

BB: Well, no... We never actually asked her.

JK: Bloody hell, if this gets out there'll be a huge row. And the AC is going to have to set up a Disciplinary Committee to hear the case. Some of the AC members chosen to sit on it will go bananas when they find out!

BB: Don't worry, we can write a back-dated request and get the DPO to sign it. I'll stand over her while she signs. And to reassure the BFC and AC members, perhaps we could tell them a story that we would never have read or analysed their data.

BB due to appear before the European Parliament at 15:00 or shortly thereafter.http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fNONSGML%2bCOMPARL%2bJURI-OJ-20150615-1%2b02%2bDOC%2bPDF%2bV0%2f%2fEN

Actually, this is all excellent news for the board member directly concerned. He can only be removed from office upon decision of the EBA. But who could seriously imagine the EBA validating evidence obtained under such circumstances?

RTf,Don't quote me, but what I remember of his speech and questioning (my words, not his):- EU fees based on top 4 - didn't hear him suggest top 5 was an option - will lead to savings of up to 70% - EU support should encourage last States and EPO will grant first patent next year (Note: He may not have considered the 18 month factor or even the EPO average time to grant but presumably one can be expedited?)- TTIP is a possible issue - USPTO has low quality and grants more generously, while first to file vs first to invent and grace period are not resolved- staff rights are not a problem - he introduced right to strike rules and there were 22 days of strikes in 2014 so that proves staff freedom to strike - Dutch govt supports his appeal v Dutch court, EU wouldn't let national courts tell it what to do, would it? - he has given staff great working conditions, see the next annual report (July) to see staff salaries, benefits (school fees, pension, health care etc.) - he's standing up for the European economy against the staff

The Suepo committee, while being in talks about recognition by the EPO, have revealed that for at least 8 months not only has their email address @suepo.org been blocked, but any email containing the word Suepo has been blocked. The CIO was asked about it in October of last year ( and a number of times since) but has not replied - although was that request blocked from him (hahaha). I am aware of other non-committee colleagues who have also missed innocent emails which contained the string Suepo while Suepo checked and found that replacing the word with 5 other characters overcame the filter.In practice this means that emails from private email accounts to EPO.org emails which refer to Suepo are being blocked as the EPO is electronically reading emails. Maybe not illegal since spam filters are necessary to block offensive material and so on, but it's hard to see that Suepo could be on prescribed list let alone just by being mentioned. And at a time when BB and the AC are supposedly negotiating in good faith, this appears to be duplicitous in t he extreme.

Blacklisted: The Secret War between Big Business and Union Activists, by Dave Smith and Phil Chamberlain - any similarity between the secret investigation and oppression of union members and the current topic is purely coincidental. But I'm sure the UK members of the AC must be very aware of their legal imperatives.

Only now? Can't imagine that anyone has dared to try recently. Self-censorship is a powerful tool. I don't even look at ipkat from the EPO! You don't want to be caught in possession of any anti-BB thoughts.